Re: 1.9. Magento and PCI complaints

yadavrekha0e0e · ‎08-31-2022

What would you do to keep your website PCI compliant if you were unable to upgrade to Magento 2? One of my clients uses a credit card processor that will only work with a particular extension. They are non-compliant since the author of the M1 extension no longer supports it. The only workaround I can think of is to have M1 checkout process the credit card information on the merchant account website before redirecting back to the Magento website, much like certain websites do when they want to go to Paypal.

youtube thumbnail grabber

Mukesh Tiwari · ‎09-01-2022

Hi @yadavrekha0e0e

You may read https://security.stackexchange.com/questions/140939/does-unpatched-software-comply-with-pci-dss-3-1 It may be helpful for you.

Thanks

---
Problem Solved Click Accept as Solution!:Magento Community India Forum

Robert Rand · ‎09-01-2022

There are vendors supplying patches for the core Magento 1 platform. Mage-One has a paid solution. OpenMage has an open-source solution.

However, from what you've shared, the issue isn't Magento 1 itself, but rather, a payment gateway extension that's no longer supported by the company that developed it.

In that case, your options are to find another gateway extension that's compatible with the same payment gateway or to switch to another gateway entirely.

Can you specify which gateway you're trying to use, and which extension you're using that will no longer be supported?

If there isn't another extension available that is supported, from what you've described, your best bet would be to consider switching payment processors.

Do you have any unique requirements for a new payment processor? (ex. serving specific countries, supporting high-risk products, vaulting/tokenizing credit cards, etc.)